From 9c98287a6a94e681a77feba371786de2c12ca587 Mon Sep 17 00:00:00 2001
From: Benjamin Renard <brenard@easter-eggs.com>
Date: Fri, 24 Nov 2023 10:30:58 +0100
Subject: [PATCH] Upgrade docker image to Bookworm, upgrade hooks and add
 bandit hook

---
 .pre-commit-config.yaml | 62 ++++++++++++++++++++++-------------------
 Dockerfile              |  3 +-
 2 files changed, 36 insertions(+), 29 deletions(-)

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 143d507..2de8f8a 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,39 @@
 # Pre-commit hooks to run tests and ensure code is cleaned.
 # See https://pre-commit.com for more information
 repos:
+- repo: https://github.com/asottile/pyupgrade
+  rev: v3.15.0
+  hooks:
+  - id: pyupgrade
+    args: ['--keep-percent-format', '--py37-plus']
+- repo: https://github.com/psf/black
+  rev: 23.11.0
+  hooks:
+  - id: black
+    args: ['--target-version', 'py37', '--line-length', '100']
+- repo: https://github.com/PyCQA/isort
+  rev: 5.12.0
+  hooks:
+  - id: isort
+    args: ['--profile', 'black', '--line-length', '100']
+- repo: https://github.com/PyCQA/flake8
+  rev: 6.1.0
+  hooks:
+  - id: flake8
+    args: ['--max-line-length=100']
+- repo: local
+  hooks:
+  - id: pylint
+    name: pylint
+    entry: pylint
+    language: system
+    types: [python]
+    require_serial: true
+- repo: https://github.com/PyCQA/bandit
+  rev: 1.7.5
+  hooks:
+  - id: bandit
+    args: [--skip, "B101", --recursive, "mylib"]
 #-   repo: local
 #    hooks:
 #    -   id: pytest
@@ -9,31 +42,4 @@ repos:
 #        language: system
 #        types: [python]
 #        pass_filenames: false
--   repo: local
-    hooks:
-    -   id: pylint
-        name: pylint
-        entry: pylint
-        language: system
-        types: [python]
-        require_serial: true
--   repo: https://github.com/PyCQA/flake8
-    rev: 6.0.0
-    hooks:
-    -   id: flake8
-        args: ['--max-line-length=100']
--   repo: https://github.com/asottile/pyupgrade
-    rev: v3.3.1
-    hooks:
-    - id: pyupgrade
-      args: ['--keep-percent-format', '--py37-plus']
--   repo: https://github.com/psf/black
-    rev: 22.12.0
-    hooks:
-    - id: black
-      args: ['--target-version', 'py37', '--line-length', '100']
--   repo: https://github.com/PyCQA/isort
-    rev: 5.12.0
-    hooks:
-    - id: isort
-      args: ['--profile', 'black', '--line-length', '100']
+minimum_pre_commit_version: 3.2.0
diff --git a/Dockerfile b/Dockerfile
index 9351e72..534050a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,7 @@
 from debian:stable-slim
 
-RUN apt-get update && apt-get install --no-install-recommends -y python3-all python3-dev python3-pip python3-venv build-essential pylint3 git pre-commit && apt-get clean && rm -fr rm -rf /var/lib/apt/lists/*
+RUN apt-get update && apt-get install --no-install-recommends -y python3-all python3-dev python3-pip python3-venv build-essential pylint git && apt-get clean && rm -fr rm -rf /var/lib/apt/lists/*
+RUN pip install pre-commit --break-system-packages
 RUN mkdir /tmp/src
 COPY .pre-commit-config.yaml fake_python_module /tmp/src/
 RUN cd /tmp/src && git init && git add * && pre-commit autoupdate && pre-commit run --all-files && rm -fr /tmp/src